jscott1979
asked on
Cannot open Outlook web access 2003 from internet.......500 POINTS
Setup:
Exchange 2003 behind sonic firewall. Setup exchange security per site below suggestions.
http://www.msexchange.org/tutorials/Securing-Exchange-Server-2003-Outlook-Web-Access-Chapter5.html
I have mapped a port through the firewall to the exchange server port 443.
Basically I want users on the internet to be able to get to Outook Web Access via this route:
External IP address and port xxx.xxx.xxx.xxx:xxxx with IE.
The problem I'm having is when I do this I logon but I get the error page cannot be found. My logon is excepted but I do not know how to point the user to the OWA logon page.
Internally I can get there by exchangeserver/exchange in IE.
How do I get the external user to get to the OWA logon page?
Exchange 2003 behind sonic firewall. Setup exchange security per site below suggestions.
http://www.msexchange.org/tutorials/Securing-Exchange-Server-2003-Outlook-Web-Access-Chapter5.html
I have mapped a port through the firewall to the exchange server port 443.
Basically I want users on the internet to be able to get to Outook Web Access via this route:
External IP address and port xxx.xxx.xxx.xxx:xxxx with IE.
The problem I'm having is when I do this I logon but I get the error page cannot be found. My logon is excepted but I do not know how to point the user to the OWA logon page.
Internally I can get there by exchangeserver/exchange in IE.
How do I get the external user to get to the OWA logon page?
If the above adding /exchange fixes your problem, you might want to look at:
http://support.microsoft.com/kb/555053/en-us
If you dont want the users to have to put /exchange for the address.
If you cant get to OWA after putting /exchange, try making a test .asp page and put it in the root of the site to make sure that asp is rendering correctly.
http://support.microsoft.com/kb/555053/en-us
If you dont want the users to have to put /exchange for the address.
If you cant get to OWA after putting /exchange, try making a test .asp page and put it in the root of the site to make sure that asp is rendering correctly.
ASKER
Adding xxx.xxx.xxx.xxx:xxxx/excha
ASKER
I did as instructed by the link lwoods56 posted to find the same error "page cannot be displayed." At the bottom it says "Cannot find server or DNS error."
Let me elaborate a bit more on my configuration:
In the IE address bar I'm typing https://xxx.xxx.xxx.xxx:xxxx where the :xxxx is a port I have mapped through the firewall to arrive at the 443 port on the exchange server. Could that be the problem? I have also tried just http://xxx.xxx.xxx.xxx:xxxx and /exchange after the :xxxx with no luck.
When I go to the site I get the SSL logon popup, type in my credentials (domain/user and pass) which are excepted but get the "page cannot be displayed" error.
According to the link above by following those instructions I shouldn't get the logon popup I shoud get the OWA logon page but I do not.
Is there any way to reset all the defaults for the default web site so I can start over fresh because I have made quite a few changes.
Let me elaborate a bit more on my configuration:
In the IE address bar I'm typing https://xxx.xxx.xxx.xxx:xxxx where the :xxxx is a port I have mapped through the firewall to arrive at the 443 port on the exchange server. Could that be the problem? I have also tried just http://xxx.xxx.xxx.xxx:xxxx and /exchange after the :xxxx with no luck.
When I go to the site I get the SSL logon popup, type in my credentials (domain/user and pass) which are excepted but get the "page cannot be displayed" error.
According to the link above by following those instructions I shouldn't get the logon popup I shoud get the OWA logon page but I do not.
Is there any way to reset all the defaults for the default web site so I can start over fresh because I have made quite a few changes.
Lets start with getting IIS to display something....
Are you using a private or public certificate for your SSL Server?
If using a private certificate does it prompt you to accept it?
Create a simple HTML file and put it in the root of your IIS Default Site. Then try to browse to in internally and then externally. If that works then try a simple ASP Pages.
You might also want to turn off friendly messages in IE. Go to Tools -> Internet Options -> Advanced Tab then uncheck the "Show Friendly HTTP Error Messages". This might give a more helpful error page.
Are you using a private or public certificate for your SSL Server?
If using a private certificate does it prompt you to accept it?
Create a simple HTML file and put it in the root of your IIS Default Site. Then try to browse to in internally and then externally. If that works then try a simple ASP Pages.
You might also want to turn off friendly messages in IE. Go to Tools -> Internet Options -> Advanced Tab then uncheck the "Show Friendly HTTP Error Messages". This might give a more helpful error page.
ASKER
I'm using a private certificate and yes it does prompt me to accept and when I do I get the logon popup. From there type in my credetials which are excepted then i get the "page cannot be displayed" message.
From internally I can get to the OWA logon by IE https://exchangeserver/exchange with no problem.
From I externally I've tried https://xxx.xxx.xxx.xxx:xxxx/exchange and without exchange to get the "page cannot be displayed".
I unchecked off the "show friendly HTTP error messages" and went through the process again to get the same message "page cannot be displayed"
Some how I'm not being able to resolve the exchange page externally.
From internally I can get to the OWA logon by IE https://exchangeserver/exchange with no problem.
From I externally I've tried https://xxx.xxx.xxx.xxx:xxxx/exchange and without exchange to get the "page cannot be displayed".
I unchecked off the "show friendly HTTP error messages" and went through the process again to get the same message "page cannot be displayed"
Some how I'm not being able to resolve the exchange page externally.
Here is an article to check all permissions on the Default Website:
http://support.microsoft.com/default.aspx?scid=kb;en-us;327843
Check to see if the following from the bottom of the article is met:
If domain users can log on to Outlook Web Access internally, but they receive a 401 error when they try to connect remotely through a proxy server, confirm that the users are assigned the following rights on the proxy server:
• Log on locally
• Access this computer from the network
http://support.microsoft.com/default.aspx?scid=kb;en-us;327843
Check to see if the following from the bottom of the article is met:
If domain users can log on to Outlook Web Access internally, but they receive a 401 error when they try to connect remotely through a proxy server, confirm that the users are assigned the following rights on the proxy server:
• Log on locally
• Access this computer from the network
Disregard the configure proxy server lines. my apologies.
Do you have Forms Based Authentication Enabled?
ASKER
Update:
Reset all OWA virtual directories following instructions from this article-
http://www.msexchange.org/tutorials/Fixing-Damaged-Incorrectly-Configured-OWA-2003-Installation.html
It reset everything except my certificate and kept forms based authentication enabled.
Now when I go to
https://xxx.xxx.xxx.xxx:xxxx
or
https://xxx.xxx.xxx.xxx:xxxx/exchange
I get redirected to
https://xxx.xxx.xxx.xxx/exchweb/bin/auth/owalogon.asp
which gives me the same message "page cannot be displayed".
But, I noticed in the URL it droped the port behind the IP so I tried
https://xxx.xxx.xxx.xxx:xxxx/exchweb/bin/auth/owalogon.asp
as the beggining address and it worked. I got to the OWA logon page.
Now what happened next is almost the same thing I logged on to the OWA and recieved my friend the message "page cannot be displayed".
I noticed once again that when I logged on the URL dropped the port and redirected me to
https://xxx.xxx.xxx.xxx/exchange
tried adding the port behind the Ip but it still says "page cannot be displayed'
Am I right to assume that the port mapping is causing me most of my trouble?
But shouldn't addind the port after logging on enable be to see the owa email page?
Reset all OWA virtual directories following instructions from this article-
http://www.msexchange.org/tutorials/Fixing-Damaged-Incorrectly-Configured-OWA-2003-Installation.html
It reset everything except my certificate and kept forms based authentication enabled.
Now when I go to
https://xxx.xxx.xxx.xxx:xxxx
or
https://xxx.xxx.xxx.xxx:xxxx/exchange
I get redirected to
https://xxx.xxx.xxx.xxx/exchweb/bin/auth/owalogon.asp
which gives me the same message "page cannot be displayed".
But, I noticed in the URL it droped the port behind the IP so I tried
https://xxx.xxx.xxx.xxx:xxxx/exchweb/bin/auth/owalogon.asp
as the beggining address and it worked. I got to the OWA logon page.
Now what happened next is almost the same thing I logged on to the OWA and recieved my friend the message "page cannot be displayed".
I noticed once again that when I logged on the URL dropped the port and redirected me to
https://xxx.xxx.xxx.xxx/exchange
tried adding the port behind the Ip but it still says "page cannot be displayed'
Am I right to assume that the port mapping is causing me most of my trouble?
But shouldn't addind the port after logging on enable be to see the owa email page?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Also, what is the exact error message that you get? Does it include a status code, like 404 or 401 or 403 ?